Fix - Prevent empty search term in forms query

wpeverest · Jul 23, 2019 · 3bbd92d · 3bbd92d
1 parent 143b7c7
commit 3bbd92d
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 14 deletions.
diff --git a/includes/admin/class-evf-admin-entries-table-list.php b/includes/admin/class-evf-admin-entries-table-list.php
@@ -460,7 +460,7 @@ protected function extra_tablenav( $which ) {
 			$output = ob_get_clean();
 
 			if ( ! empty( $output ) ) {
-				echo $output;
+				echo $output; // @codingStandardsIgnoreLine
 				submit_button( __( 'Filter', 'everest-forms' ), '', 'filter_action', false, array( 'id' => 'post-query-submit' ) );
 
 				// Export CSV submit button.

diff --git a/includes/admin/class-evf-admin-entries.php b/includes/admin/class-evf-admin-entries.php
@@ -136,11 +136,11 @@ public function actions() {
 			if ( isset( $_REQUEST['delete_all'] ) || isset( $_REQUEST['delete_all2'] ) ) { // WPCS: input var okay, CSRF ok.
 				$this->empty_trash();
 			}
-		}
 
-		if ( ! empty( $_REQUEST['_wp_http_referer'] ) && isset( $_SERVER['REQUEST_URI'] ) ) { // WPCS: input var ok, CSRF ok.
-			wp_safe_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ); // WPCS: input var ok, sanitization ok.
-			exit();
+			if ( ! empty( $_REQUEST['_wp_http_referer'] ) && isset( $_SERVER['REQUEST_URI'] ) ) { // WPCS: input var ok, CSRF ok.
+				wp_safe_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ); // WPCS: input var ok, sanitization ok.
+				exit();
+			}
 		}
 	}
 

diff --git a/includes/admin/class-evf-admin-forms-table-list.php b/includes/admin/class-evf-admin-forms-table-list.php
@@ -224,6 +224,7 @@ public function column_date( $posts ) {
 
 		if ( $time_diff > 0 && $time_diff < 24 * 60 * 60 ) {
 			$h_time = sprintf(
+				/* translators: %s: Time */
 				__( '%s ago', 'everest-forms' ),
 				human_time_diff( $time )
 			);
@@ -445,28 +446,32 @@ public function prepare_items() {
 		$per_page     = $this->get_items_per_page( 'evf_forms_per_page' );
 		$current_page = $this->get_pagenum();
 
-		// Query args
+		// Query args.
 		$args = array(
 			'post_type'           => 'everest_form',
 			'posts_per_page'      => $per_page,
 			'ignore_sticky_posts' => true,
 			'paged'               => $current_page,
 		);
 
-		// Handle the status query
-		if ( ! empty( $_REQUEST['status'] ) ) {
-			$args['post_status'] = sanitize_text_field( $_REQUEST['status'] );
+		// Handle the status query.
+		if ( ! empty( $_REQUEST['status'] ) ) { // WPCS: input var ok, CSRF ok.
+			$args['post_status'] = sanitize_text_field( $_REQUEST['status'] ); // WPCS: input var ok, sanitization ok.
 		}
 
-		$args['s']       = isset( $_REQUEST['s'] ) ? wp_unslash( trim( $_REQUEST['s'] ) ) : '';
-		$args['orderby'] = isset( $_REQUEST['orderby'] ) ? sanitize_text_field( $_REQUEST['orderby'] ) : 'date_created';
-		$args['order']   = isset( $_REQUEST['order'] ) && 'ASC' === strtoupper( $_REQUEST['order'] ) ? 'ASC' : 'DESC';
+		// Handle the search query.
+		if ( ! empty( $_REQUEST['s'] ) ) { // WPCS: input var ok, CSRF ok.
+			$args['s'] = sanitize_text_field( trim( wp_unslash( $_REQUEST['s'] ) ) ); // WPCS: sanitization ok, CSRF ok.
+		}
+
+		$args['orderby'] = isset( $_REQUEST['orderby'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['orderby'] ) ) : 'date_created'; // WPCS: sanitization ok, CSRF ok.
+		$args['order']   = isset( $_REQUEST['order'] ) && 'ASC' === strtoupper( wp_unslash( $_REQUEST['order'] ) ) ? 'ASC' : 'DESC'; // WPCS: sanitization ok, CSRF ok.
 
-		// Get the registrations
+		// Get the forms.
 		$posts       = new WP_Query( $args );
 		$this->items = $posts->posts;
 
-		// Set the pagination
+		// Set the pagination.
 		$this->set_pagination_args(
 			array(
 				'total_items' => $posts->found_posts,